What is the severity of CVE-2018-1000657?

CVE-2018-1000657 has a severity rating of 7.8, which is considered high.

How does CVE-2018-1000657 affect Rust?

CVE-2018-1000657 affects Rust programming language versions Commit bfa0e1f58acf1c28d500c34ed258f09ae021893e and later, as well as stable release 1.3.0 and later.

How can I fix CVE-2018-1000657?

To fix CVE-2018-1000657, users should update their Rust programming language to a version that includes the necessary patch for the vulnerability.

Where can I find more information about CVE-2018-1000657?

You can find more information about CVE-2018-1000657 at the following references: [SecurityFocus](http://www.securityfocus.com/bid/105188), [GitHub Commit](https://github.com/rust-lang/rust/commit/f71b37bc28326e272a37b938e835d4f99113eec2), [GitHub Issue](https://github.com/rust-lang/rust/issues/44800).

Vulnerability/
CVE-2018-1000657

high

7.8

CWE

119

20/8/2018

5/8/2024

CVE-2018-1000657: Buffer Overflow

Q: What is CVE-2018-1000657?

CVE-2018-1000657 is a vulnerability in the Rust Programming Language Rust standard library that allows for arbitrary code execution.

First published: Mon Aug 20 2018(Updated: )

Rust Programming Language Rust standard library version Commit bfa0e1f58acf1c28d500c34ed258f09ae021893e and later; stable release 1.3.0 and later contains a Buffer Overflow vulnerability in std::collections::vec_deque::VecDeque::reserve() function that can result in Arbitrary code execution, but no proof-of-concept exploit is currently published.. This vulnerability appears to have been fixed in after commit fdfafb510b1a38f727e920dccbeeb638d39a8e60; stable release 1.22.0 and later.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Rust-lang Rust	>=1.3.0<1.22.0

Remedy

https://github.com/rust-lang/rust/commit/f71b37bc28326e272a37b938e835d4f99113eec2

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2018-1000657?
CVE-2018-1000657 is a vulnerability in the Rust Programming Language Rust standard library that allows for arbitrary code execution.
What is the severity of CVE-2018-1000657?
CVE-2018-1000657 has a severity rating of 7.8, which is considered high.
How does CVE-2018-1000657 affect Rust?
CVE-2018-1000657 affects Rust programming language versions Commit bfa0e1f58acf1c28d500c34ed258f09ae021893e and later, as well as stable release 1.3.0 and later.
How can I fix CVE-2018-1000657?
To fix CVE-2018-1000657, users should update their Rust programming language to a version that includes the necessary patch for the vulnerability.
Where can I find more information about CVE-2018-1000657?
You can find more information about CVE-2018-1000657 at the following references: [SecurityFocus](http://www.securityfocus.com/bid/105188), [GitHub Commit](https://github.com/rust-lang/rust/commit/f71b37bc28326e272a37b938e835d4f99113eec2), [GitHub Issue](https://github.com/rust-lang/rust/issues/44800).

collector/nvd-index
agent/tags
agent/type
agent/event
agent/severity
agent/references
agent/weakness
agent/author
agent/description
agent/remedy
agent/last-modified-date
agent/softwarecombine
agent/first-publish-date
collector/mitre-cve
source/MITRE
vendor/rust-lang
canonical/rust-lang rust
version/rust-lang rust/1.3.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.